What is the simplest way to get my bitcoins securely onto multiple usb sticks?

I don't want to futz around with extra operating systems or offline computers. I don't want to have to remember long passphrases. I am okay with the risk of assuming that I don't have any keyloggers on my computer at this moment. I don't need to be able to spend them anytime soon. What I want is basically a bunch of public addresses I can email to myself that I can safely send bitcoins to and have no worry of them disappearing in a computer crash or future hacking event.

Still you need to be wary on keylogger not just now but any point in the future you use the USB drive.

Say you store 100,000 BTC to those private keys over the next three decades. You plug the USB drive in 2042 for the first time. The inject computer instantly detects an unencrypted wallet.dat circa v0.6 client and makes a copy, transfers the balance to the attackers computer all in <1 sec.

Honestly if you want offline security use offline security and forget the USB drive.

+1 bitaddress.org. Minimum futzing, paper is very reliable, and it prevents bulk-stealing your keys when you go to redeem them in the future. You can also save a copy to USB if you want.

The sha1 f2e410251c8741ac65d29a1c6fb8ef6919b6ab8b hash is the same as everyone gets for version 1.5. It's the sha1-sum of the actual web page itself. This lets you verify that you have a legitimate copy of the page. Yes, it works fine from a local copy.

I have looked over the code (it is just just javascript all the code is right there) and there is no communication to any server.

Still I would recommend that a user do what the the author has recommended ... save a local copy of the generation page.

1) save a local copy of the webpage from http://bitaddress.org2) disconnect from the internet3) generate your addresses4) print 2+ copies (and/or encrypt a copy of output and store)5) close browser, delete all files, and reboot6) store your print or encrypted digital copies in multiple safe locations.

Every byte of flash ever created will eventually fail that is an absolute guarantee.

well, "eventually" is quite open, not?But I agree, flash stands no chance to survive as long as plain (acid-free) paper written with a pen.A laserprinter-print should work fine for several lifespans too.Pro-mode: engrave a metal plate with the privkey. Should survive much about anything, including mould, water, fire.Use steel for high temperature resistance, copper/brass for high corrosion resistance, silver for being cool! :-)

Say you store 100,000 BTC to those private keys over the next three decades. You plug the USB drive in 2042 for the first time. The inject computer instantly detects an unencrypted wallet.dat circa v0.6 client and makes a copy, transfers the balance to the attackers computer all in <1 sec.

I have looked over the code (it is just just javascript all the code is right there) and there is no communication to any server.

Still I would recommend that a user do what the the author has recommended ... save a local copy of the generation page.

1) save a local copy of the webpage from http://bitaddress.org2) disconnect from the internet3) generate your addresses4) print 2+ copies (and/or encrypt a copy of output and store)5) close browser, delete all files, and reboot6) store your print or encrypted digital copies in multiple safe locations.

You forgot to purge the printer's memory after you print and burn a blanking document (to prevent people from looking at the next document that comes out of your laser printer with a microscope).

If you guys want to go that far into the depths of paranoia, your printer is a huge security hole that most people don't do anything about.

1) save a local copy of the webpage from http://bitaddress.org2) disconnect from the internet3) generate your addresses4) print 2+ copies (and/or encrypt a copy of output and store)5) close browser, delete all files, and reboot6) store your print or encrypted digital copies in multiple safe locations.

You forgot to purge the printer's memory after you print and burn a blanking document (to prevent people from looking at the next document that comes out of your laser printer with a microscope).

If you guys want to go that far into the depths of paranoia, your printer is a huge security hole that most people don't do anything about.

Paranoia?

If the system was infected with malware that does screen captures even when offline, then even your "offline paper wallet" is at risk.

Quote

Some malware families are capable of generating a screen capture with every mouse click during login, then sending the captured sequence of screens to the fraudster, where they can be sifted through visually to steal login credentials.

Now if you are storing small amounts to the paper wallet, ending up with a paper wallet created from a compromised system might be a risk you are willing to take. But since some people are putting larger amounts or are using the wallet for long-term savings of bitcoins, they should know that doing the above only after booting from a trusted live-CD (such as an official Ubuntu release) is the significantly more secure approach.

You forgot to purge the printer's memory after you print and burn a blanking document (to prevent people from looking at the next document that comes out of your laser printer with a microscope).

If you guys want to go that far into the depths of paranoia, your printer is a huge security hole that most people don't do anything about.

Whoa! Thats news to me!I only knew about printers marking printouts with tiny yellow dots to make them uniquely identificable, and that some typewriters and needle-printers (oh, and labelprinters too!) have a printing ribbon where you can read exactly what was printed.. Talking about paranoia, huh?

Hmm.. I will have to investigate in that ghost-images on the next printout some day. Interesting. Paranoia: this reminds me on the cold-boot-attack, where you reboot a computer with your own OS (USB-drive) to read out the still readable data from the RAM, or simply pry out the RAM modules after supercooling them and read out the data on another computer..

If its that far, you probably wont like the idea to print/write the priv key, walk to a jeweller and give him that key to engrave in some metal piece. Do it quick, before Bitcoins and keys are widely recognized! :-)

Some malware families are capable of generating a screen capture with every mouse click during login, then sending the captured sequence of screens to the fraudster, where they can be sifted through visually to steal login credentials.

Now if you are storing small amounts to the paper wallet, ending up with a paper wallet created from a compromised system might be a risk you are willing to take. But since some people are putting larger amounts or are using the wallet for long-term savings of bitcoins, they should know that doing the above only after booting from a trusted live-CD (such as an official Ubuntu release) is the significantly more secure approach.

for this reason you might consider putting together an 'offline' computer specifically for this purpose (i.e. a computer that is never put back online). ...or use an old $50 laptop with the wifi thoroughly disabled.